Warning: Permanently added '10.128.1.142' (ED25519) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
[ 66.532445][ C1] ------------[ cut here ]------------
[ 66.532866][ C1]
[ 66.532871][ C1] ======================================================
[ 66.532876][ C1] WARNING: possible circular locking dependency detected
[ 66.532882][ C1] 5.15.178-syzkaller #0 Not tainted
[ 66.532890][ C1] ------------------------------------------------------
[ 66.532894][ C1] syz-executor232/4172 is trying to acquire lock:
[ 66.532902][ C1] ffffffff8cb14860 (console_owner){..-.}-{0:0}, at: console_lock_spinning_enable+0x2c/0x60
[ 66.532962][ C1]
[ 66.532962][ C1] but task is already holding lock:
[ 66.532966][ C1] ffff8880b8f28098 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x120/0x260
[ 66.533002][ C1]
[ 66.533002][ C1] which lock already depends on the new lock.
[ 66.533002][ C1]
[ 66.533006][ C1]
[ 66.533006][ C1] the existing dependency chain (in reverse order) is:
[ 66.533011][ C1]
[ 66.533011][ C1] -> #5 (&base->lock){-.-.}-{2:2}:
[ 66.533030][ C1] lock_acquire+0x1db/0x4f0
[ 66.533043][ C1] _raw_spin_lock_irqsave+0xd1/0x120
[ 66.533064][ C1] lock_timer_base+0x120/0x260
[ 66.533080][ C1] __mod_timer+0x1d6/0xeb0
[ 66.533096][ C1] queue_delayed_work_on+0x156/0x250
[ 66.533112][ C1] enqueue_task+0x2fe/0x3a0
[ 66.533129][ C1] wake_up_new_task+0x515/0xb60
[ 66.533145][ C1] kernel_clone+0x44e/0x960
[ 66.533159][ C1] kernel_thread+0x168/0x1e0
[ 66.533172][ C1] rest_init+0x21/0x330
[ 66.533187][ C1] start_kernel+0x48c/0x540
[ 66.533203][ C1] secondary_startup_64_no_verify+0xb1/0xbb
[ 66.533220][ C1]
[ 66.533220][ C1] -> #4 (&rq->__lock){-.-.}-{2:2}:
[ 66.533238][ C1] lock_acquire+0x1db/0x4f0
[ 66.533251][ C1] _raw_spin_lock_nested+0x2d/0x40
[ 66.533267][ C1] raw_spin_rq_lock_nested+0x26/0x140
[ 66.533283][ C1] task_fork_fair+0x5d/0x350
[ 66.533296][ C1] sched_cgroup_fork+0x2d3/0x330
[ 66.533312][ C1] copy_process+0x224a/0x3ef0
[ 66.533333][ C1] kernel_clone+0x210/0x960
[ 66.533346][ C1] kernel_thread+0x168/0x1e0
[ 66.533358][ C1] rest_init+0x21/0x330
[ 66.533372][ C1] start_kernel+0x48c/0x540
[ 66.533387][ C1] secondary_startup_64_no_verify+0xb1/0xbb
[ 66.533402][ C1]
[ 66.533402][ C1] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[ 66.533420][ C1] lock_acquire+0x1db/0x4f0
[ 66.533432][ C1] _raw_spin_lock_irqsave+0xd1/0x120
[ 66.533448][ C1] try_to_wake_up+0xae/0x1300
[ 66.533464][ C1] __wake_up_common+0x2a0/0x4e0
[ 66.533480][ C1] __wake_up+0x112/0x1c0
[ 66.533495][ C1] tty_port_default_wakeup+0xa8/0x100
[ 66.533511][ C1] serial8250_tx_chars+0x60d/0x800
[ 66.533527][ C1] serial8250_handle_irq+0x505/0x600
[ 66.533542][ C1] serial8250_default_handle_irq+0xc8/0x1e0
[ 66.533559][ C1] serial8250_interrupt+0xa1/0x1e0
[ 66.533575][ C1] __handle_irq_event_percpu+0x292/0xa70
[ 66.533594][ C1] handle_irq_event+0xff/0x2b0
[ 66.533609][ C1] handle_edge_irq+0x245/0xbf0
[ 66.533622][ C1] __common_interrupt+0xd7/0x1f0
[ 66.533636][ C1] common_interrupt+0xae/0xd0
[ 66.533650][ C1] asm_common_interrupt+0x22/0x40
[ 66.533667][ C1] lock_is_held_type+0x137/0x180
[ 66.533682][ C1] xas_reload+0x1a4/0x470
[ 66.533697][ C1] next_uptodate_page+0x2be/0x900
[ 66.533713][ C1] filemap_map_pages+0xfa1/0x15c0
[ 66.533728][ C1] handle_mm_fault+0x341b/0x5960
[ 66.533744][ C1] exc_page_fault+0x271/0x700
[ 66.533758][ C1] asm_exc_page_fault+0x22/0x30
[ 66.533774][ C1]
[ 66.533774][ C1] -> #2 (&tty->write_wait){-...}-{2:2}:
[ 66.533793][ C1] lock_acquire+0x1db/0x4f0
[ 66.533805][ C1] _raw_spin_lock_irqsave+0xd1/0x120
[ 66.533821][ C1] __wake_up+0xf5/0x1c0
[ 66.533836][ C1] tty_port_default_wakeup+0xa8/0x100
[ 66.533850][ C1] serial8250_tx_chars+0x60d/0x800
[ 66.533865][ C1] serial8250_handle_irq+0x505/0x600
[ 66.533881][ C1] serial8250_default_handle_irq+0xc8/0x1e0
[ 66.533897][ C1] serial8250_interrupt+0xa1/0x1e0
[ 66.533912][ C1] __handle_irq_event_percpu+0x292/0xa70
[ 66.533927][ C1] handle_irq_event+0xff/0x2b0
[ 66.533942][ C1] handle_edge_irq+0x245/0xbf0
[ 66.533955][ C1] __common_interrupt+0xd7/0x1f0
[ 66.534015][ C1] common_interrupt+0xae/0xd0
[ 66.534089][ C1] asm_common_interrupt+0x22/0x40
[ 66.534109][ C1] _raw_spin_unlock_irqrestore+0xd4/0x130
[ 66.534128][ C1] uart_write+0x6af/0x930
[ 66.534145][ C1] n_tty_write+0xd7e/0x1280
[ 66.534159][ C1] file_tty_write+0x561/0x920
[ 66.534177][ C1] vfs_write+0xacd/0xe50
[ 66.534193][ C1] ksys_write+0x1a2/0x2c0
[ 66.534208][ C1] do_syscall_64+0x3b/0xb0
[ 66.534222][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 66.534240][ C1]
[ 66.534240][ C1] -> #1 (&port_lock_key){-...}-{2:2}:
[ 66.534265][ C1] lock_acquire+0x1db/0x4f0
[ 66.534280][ C1] _raw_spin_lock_irqsave+0xd1/0x120
[ 66.534296][ C1] serial8250_console_write+0x19d/0x1180
[ 66.534312][ C1] console_unlock+0xced/0x12b0
[ 66.534327][ C1] vprintk_emit+0xbf/0x150
[ 66.534340][ C1] _printk+0xd1/0x120
[ 66.534356][ C1] register_console+0x65a/0x940
[ 66.534370][ C1] univ8250_console_init+0x41/0x50
[ 66.534389][ C1] console_init+0x18c/0x660
[ 66.534403][ C1] start_kernel+0x301/0x540
[ 66.534419][ C1] secondary_startup_64_no_verify+0xb1/0xbb
[ 66.534437][ C1]
[ 66.534437][ C1] -> #0 (console_owner){..-.}-{0:0}:
[ 66.534456][ C1] validate_chain+0x1649/0x5930
[ 66.534471][ C1] __lock_acquire+0x1295/0x1ff0
[ 66.534484][ C1] lock_acquire+0x1db/0x4f0
[ 66.534496][ C1] console_lock_spinning_enable+0x51/0x60
[ 66.534511][ C1] console_unlock+0xa47/0x12b0
[ 66.534525][ C1] vprintk_emit+0xbf/0x150
[ 66.534538][ C1] _printk+0xd1/0x120
[ 66.534553][ C1] report_bug+0x1e5/0x2e0
[ 66.534568][ C1] handle_bug+0x3d/0x70
[ 66.534582][ C1] exc_invalid_op+0x16/0x40
[ 66.534595][ C1] asm_exc_invalid_op+0x16/0x20
[ 66.534611][ C1] copy_from_user_nofault+0x15c/0x1c0
[ 66.534626][ C1] bpf_probe_read_compat+0xe4/0x180
[ 66.534642][ C1] bpf_prog_63d51858d7cca270+0x3d/0x22c
[ 66.534657][ C1] bpf_trace_run3+0x1d1/0x380
[ 66.534677][ C1] enqueue_timer+0x3ae/0x540
[ 66.534691][ C1] __mod_timer+0xa60/0xeb0
[ 66.534706][ C1] dsp_cmx_send+0x21bb/0x2240
[ 66.534720][ C1] call_timer_fn+0x16d/0x560
[ 66.534733][ C1] __run_timers+0x67c/0x890
[ 66.534745][ C1] run_timer_softirq+0x63/0xf0
[ 66.534761][ C1] handle_softirqs+0x3a7/0x930
[ 66.534775][ C1] __irq_exit_rcu+0x157/0x240
[ 66.534788][ C1] irq_exit_rcu+0x5/0x20
[ 66.534800][ C1] sysvec_apic_timer_interrupt+0xa0/0xc0
[ 66.534816][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 66.534831][ C1] __sanitizer_cov_trace_pc+0x4/0x60
[ 66.534846][ C1] local_lock_release+0x75/0x170
[ 66.534862][ C1] mark_page_accessed+0xd2e/0x1330
[ 66.534877][ C1] unmap_page_range+0xe4f/0x2630
[ 66.534903][ C1] unmap_vmas+0x1f8/0x390
[ 66.534917][ C1] exit_mmap+0x3b6/0x620
[ 66.534931][ C1] __mmput+0x112/0x3b0
[ 66.534944][ C1] exit_mm+0x688/0x7f0
[ 66.534959][ C1] do_exit+0x626/0x2480
[ 66.534973][ C1] do_group_exit+0x144/0x310
[ 66.534989][ C1] __x64_sys_exit_group+0x3b/0x40
[ 66.535005][ C1] do_syscall_64+0x3b/0xb0
[ 66.535024][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 66.535042][ C1]
[ 66.535042][ C1] other info that might help us debug this:
[ 66.535042][ C1]
[ 66.535047][ C1] Chain exists of:
[ 66.535047][ C1] console_owner --> &rq->__lock --> &base->lock
[ 66.535047][ C1]
[ 66.535069][ C1] Possible unsafe locking scenario:
[ 66.535069][ C1]
[ 66.535073][ C1]        CPU0                    CPU1
[ 66.535076][ C1]        ----                    ----
[ 66.535079][ C1]   lock(&base->lock);
[ 66.535088][ C1]                                lock(&rq->__lock);
[ 66.535097][ C1]                                lock(&base->lock);
[ 66.535107][ C1]   lock(console_owner);
[ 66.535116][ C1]
[ 66.535116][ C1] *** DEADLOCK ***
[ 66.535116][ C1]
[ 66.535119][ C1] 7 locks held by syz-executor232/4172:
[ 66.535129][ C1] #0: ffff88807158bd38 (ptlock_ptr(page)#2){+.+.}-{2:2}, at: unmap_page_range+0x9c3/0x2630
[ 66.535178][ C1] #1: ffff8880b8f354e0 (lock#5){+.+.}-{2:2}, at: local_lock_acquire+0xd/0x170
[ 66.535216][ C1] #2: ffffc90000dd0be0 ((&dsp_spl_tl)){+.-.}-{0:0}, at: call_timer_fn+0xbe/0x560
[ 66.535249][ C1] #3: ffffffff8d9f0cd8 (dsp_lock){..-.}-{2:2}, at: dsp_cmx_send+0x22/0x2240
[ 66.535285][ C1] #4: ffff8880b8f28098 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x120/0x260
[ 66.535329][ C1] #5: ffffffff8cb1fce0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30
[ 66.535364][ C1] #6: ffffffff8c9fc5a0 (console_lock){+.+.}-{0:0}, at: vprintk_emit+0xa6/0x150
[ 66.535398][ C1]
[ 66.535398][ C1] stack backtrace:
[ 66.535413][ C1] CPU: 1 PID: 4172 Comm: syz-executor232 Not tainted 5.15.178-syzkaller #0
[ 66.535430][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 66.535442][ C1] Call Trace:
[ 66.535451][ C1]
[ 66.535458][ C1] dump_stack_lvl+0x1e3/0x2d0
[ 66.535478][ C1] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 66.535499][ C1] ? print_circular_bug+0x12b/0x1a0
[ 66.535516][ C1] check_noncircular+0x2f8/0x3b0
[ 66.535535][ C1] ? add_chain_block+0x850/0x850
[ 66.535552][ C1] ? lockdep_lock+0x11f/0x2a0
[ 66.535571][ C1] validate_chain+0x1649/0x5930
[ 66.535595][ C1] ? reacquire_held_locks+0x660/0x660
[ 66.535612][ C1] ? format_decode+0x72f/0x1f10
[ 66.535632][ C1] ? lockdep_unlock+0x166/0x300
[ 66.535651][ C1] ? mark_lock+0x98/0x340
[ 66.535666][ C1] __lock_acquire+0x1295/0x1ff0
[ 66.535687][ C1] lock_acquire+0x1db/0x4f0
[ 66.535700][ C1] ? console_lock_spinning_enable+0x2c/0x60
[ 66.535720][ C1] ? read_lock_is_recursive+0x10/0x10
[ 66.535735][ C1] ? console_lock_spinning_enable+0x2c/0x60
[ 66.535751][ C1] ? __lock_acquire+0x1ff0/0x1ff0
[ 66.535764][ C1] ? do_raw_spin_lock+0x14a/0x370
[ 66.535791][ C1] console_lock_spinning_enable+0x51/0x60
[ 66.535807][ C1] ? console_lock_spinning_enable+0x2c/0x60
[ 66.535823][ C1] console_unlock+0xa47/0x12b0
[ 66.535842][ C1] ? console_trylock_spinning+0x3f0/0x3f0
[ 66.535859][ C1] ? __down_trylock_console_sem+0x1f2/0x250
[ 66.535874][ C1] ? vprintk_emit+0xa6/0x150
[ 66.535888][ C1] ? printk_parse_prefix+0x2c0/0x2c0
[ 66.535903][ C1] ? vprintk_emit+0xa6/0x150
[ 66.535917][ C1] ? console_trylock+0x70/0x70
[ 66.535937][ C1] ? vprintk_emit+0x150/0x150
[ 66.535957][ C1] vprintk_emit+0xbf/0x150
[ 66.535973][ C1] _printk+0xd1/0x120
[ 66.535990][ C1] ? mark_lock+0x98/0x340
[ 66.536003][ C1] ? report_bug+0x16e/0x2e0
[ 66.536027][ C1] ? panic+0x860/0x860
[ 66.536042][ C1] ? __lock_acquire+0x1295/0x1ff0
[ 66.536059][ C1] ? find_bug+0x9c/0x350
[ 66.536076][ C1] ? copy_from_user_nofault+0x15c/0x1c0
[ 66.536090][ C1] report_bug+0x1e5/0x2e0
[ 66.536109][ C1] handle_bug+0x3d/0x70
[ 66.536124][ C1] exc_invalid_op+0x16/0x40
[ 66.536139][ C1] asm_exc_invalid_op+0x16/0x20
[ 66.536158][ C1] RIP: 0010:copy_from_user_nofault+0x15c/0x1c0
[ 66.536175][ C1] Code: db 48 c7 c0 f2 ff ff ff 48 0f 44 c5 eb 0c e8 ab ba d5 ff 48 c7 c0 f2 ff ff ff 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 94 ba d5 ff <0f> 0b e9 1e ff ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c ef fe ff
[ 66.536187][ C1] RSP: 0018:ffffc90000dd0770 EFLAGS: 00010046
[ 66.536201][ C1] RAX: ffffffff81aacafc RBX: 0000000000000000 RCX: ffff88802a8dd940
[ 66.536213][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[ 66.536222][ C1] RBP: dffffc0000000000 R08: ffffffff81aaca0d R09: ffffed100551bb29
[ 66.536234][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000020000000
[ 66.536244][ C1] R13: 0000000000000008 R14: 0000000020000000 R15: ffffc90000dd07e8
[ 66.536259][ C1] ? copy_from_user_nofault+0x6d/0x1c0
[ 66.536275][ C1] ? copy_from_user_nofault+0x15c/0x1c0
[ 66.536294][ C1] bpf_probe_read_compat+0xe4/0x180
[ 66.536312][ C1] bpf_prog_63d51858d7cca270+0x3d/0x22c
[ 66.536325][ C1] bpf_trace_run3+0x1d1/0x380
[ 66.536342][ C1] ? bpf_trace_run2+0x340/0x340
[ 66.536356][ C1] ? _raw_spin_unlock_irqrestore+0xd9/0x130
[ 66.536374][ C1] ? _raw_spin_lock_irqsave+0xdd/0x120
[ 66.536391][ C1] ? _raw_spin_lock+0x40/0x40
[ 66.536411][ C1] enqueue_timer+0x3ae/0x540
[ 66.536426][ C1] __mod_timer+0xa60/0xeb0
[ 66.536444][ C1] ? seqcount_lockdep_reader_access+0x1bd/0x220
[ 66.536463][ C1] ? mod_timer_pending+0x20/0x20
[ 66.536479][ C1] ? _raw_read_unlock_irqrestore+0xd9/0x130
[ 66.536496][ C1] ? _raw_read_unlock+0x40/0x40
[ 66.536511][ C1] ? _raw_spin_lock_irqsave+0xdd/0x120
[ 66.536528][ C1] ? _raw_spin_lock+0x40/0x40
[ 66.536544][ C1] ? ktime_get+0x242/0x270
[ 66.536560][ C1] dsp_cmx_send+0x21bb/0x2240
[ 66.536574][ C1] ? read_lock_is_recursive+0x10/0x10
[ 66.536590][ C1] ? detach_timer+0x24/0x2f0
[ 66.536609][ C1] call_timer_fn+0x16d/0x560
[ 66.536623][ C1] ? dsp_cmx_receive+0x1370/0x1370
[ 66.536637][ C1] ? __run_timers+0x890/0x890
[ 66.536653][ C1] ? do_raw_spin_unlock+0x137/0x8b0
[ 66.536669][ C1] ? _raw_spin_unlock_irq+0x1f/0x40
[ 66.536685][ C1] ? dsp_cmx_receive+0x1370/0x1370
[ 66.536698][ C1] ? lockdep_hardirqs_on+0x94/0x130
[ 66.536716][ C1] ? dsp_cmx_receive+0x1370/0x1370
[ 66.536729][ C1] __run_timers+0x67c/0x890
[ 66.536747][ C1] ? detach_timer+0x2f0/0x2f0
[ 66.536760][ C1] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 66.536778][ C1] ? ktime_get_real_ts64+0x460/0x460
[ 66.536795][ C1] run_timer_softirq+0x63/0xf0
[ 66.536813][ C1] handle_softirqs+0x3a7/0x930
[ 66.536829][ C1] ? __irq_exit_rcu+0x157/0x240
[ 66.536845][ C1] ? do_softirq+0x240/0x240
[ 66.536861][ C1] ? irqtime_account_irq+0xd0/0x1e0
[ 66.536881][ C1] __irq_exit_rcu+0x157/0x240
[ 66.536895][ C1] ? irq_exit_rcu+0x20/0x20
[ 66.536913][ C1] irq_exit_rcu+0x5/0x20
[ 66.536926][ C1] sysvec_apic_timer_interrupt+0xa0/0xc0
[ 66.536944][ C1]
[ 66.536948][ C1]
[ 66.536952][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 66.536967][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x4/0x60
[ 66.536985][ C1] Code: 00 00 00 0f 1f 00 53 48 89 fb e8 17 00 00 00 48 8b 3d 18 04 8a 0c 48 89 de 5b e9 47 11 49 00 cc cc cc cc cc cc cc 48 8b 04 24 <65> 48 8b 0d 24 ea 81 7e 65 8b 15 25 ea 81 7e 81 e2 00 01 ff 00 74
[ 66.536997][ C1] RSP: 0018:ffffc90002edf6e0 EFLAGS: 00000246
[ 66.537010][ C1] RAX: ffffffff81ac7915 RBX: ffff8880b8f35508 RCX: ffffffff96a92f03
[ 66.537032][ C1] RDX: ffff88802a8dd940 RSI: 0000000000000000 RDI: 0000000000000000
[ 66.537042][ C1] RBP: 0000000000000001 R08: ffffffff81ac78de R09: 0000000000000003
[ 66.537052][ C1] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffffea00003d3380
[ 66.537064][ C1] R13: dffffc0000000000 R14: ffff8880b8f354e0 R15: dffffc0000000000
[ 66.537079][ C1] ? local_lock_release+0x3e/0x170
[ 66.537094][ C1] ? local_lock_release+0x75/0x170
[ 66.537112][ C1] local_lock_release+0x75/0x170
[ 66.537128][ C1] mark_page_accessed+0xd2e/0x1330
[ 66.537147][ C1] unmap_page_range+0xe4f/0x2630
[ 66.537175][ C1] ? mmu_notifier_invalidate_range_end+0xf0/0xf0
[ 66.537194][ C1] ? __lock_acquire+0x1ff0/0x1ff0
[ 66.537208][ C1] ? uprobe_munmap+0x17a/0x400
[ 66.537227][ C1] ? unmap_single_vma+0x1a1/0x2d0
[ 66.537245][ C1] unmap_vmas+0x1f8/0x390
[ 66.537263][ C1] ? unmap_page_range+0x2630/0x2630
[ 66.537284][ C1] ? tlb_gather_mmu_fullmm+0x159/0x200
[ 66.537302][ C1] exit_mmap+0x3b6/0x620
[ 66.537318][ C1] ? vm_brk+0x20/0x20
[ 66.537337][ C1] ? uprobe_clear_state+0x304/0x460
[ 66.537357][ C1] __mmput+0x112/0x3b0
[ 66.537372][ C1] exit_mm+0x688/0x7f0
[ 66.537388][ C1] ? _raw_spin_unlock_irq+0x2a/0x40
[ 66.537408][ C1] ? do_exit+0x2480/0x2480
[ 66.537425][ C1] ? rcu_is_watching+0x11/0xa0
[ 66.537440][ C1] ? hrtimer_try_to_cancel+0x3c9/0x410
[ 66.537454][ C1] ? taskstats_exit+0x491/0xa10
[ 66.537469][ C1] ? tty_audit_exit+0x150/0x1f0
[ 66.537487][ C1] do_exit+0x626/0x2480
[ 66.537507][ C1] ? put_task_struct+0x80/0x80
[ 66.537524][ C1] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 66.537542][ C1] ? vtime_user_exit+0x2d1/0x400
[ 66.537561][ C1] do_group_exit+0x144/0x310
[ 66.537580][ C1] __x64_sys_exit_group+0x3b/0x40
[ 66.537597][ C1] do_syscall_64+0x3b/0xb0
[ 66.537611][ C1] ? clear_bhb_loop+0x15/0x70
[ 66.537625][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 66.537643][ C1] RIP: 0033:0x7f521a727de9
[ 66.537655][ C1] Code: Unable to access opcode bytes at RIP 0x7f521a727dbf.
[ 66.537661][ C1] RSP: 002b:00007ffee6dc6608 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 66.537677][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f521a727de9
[ 66.537687][ C1] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 66.537696][ C1] RBP: 00007f521a7a1370 R08: ffffffffffffffb8 R09: 0000000000000000
[ 66.537708][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f521a7a1370
[ 66.537723][ C1] R13: 0000000000000000 R14: 00007f521a7a2e40 R15: 00007f521a6f0ee0
[ 66.537739][ C1]
[ 68.275784][ C1] WARNING: CPU: 1 PID: 4172 at mm/maccess.c:226 copy_from_user_nofault+0x15c/0x1c0
[ 68.285352][ C1] Modules linked in:
[ 68.289374][ C1] CPU: 1 PID: 4172 Comm: syz-executor232 Not tainted 5.15.178-syzkaller #0
[ 68.297965][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 68.308205][ C1] RIP: 0010:copy_from_user_nofault+0x15c/0x1c0
[ 68.314468][ C1] Code: db 48 c7 c0 f2 ff ff ff 48 0f 44 c5 eb 0c e8 ab ba d5 ff 48 c7 c0 f2 ff ff ff 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 94 ba d5 ff <0f> 0b e9 1e ff ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c ef fe ff
[ 68.335469][ C1] RSP: 0018:ffffc90000dd0770 EFLAGS: 00010046
[ 68.341571][ C1] RAX: ffffffff81aacafc RBX: 0000000000000000 RCX: ffff88802a8dd940
[ 68.349723][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[ 68.357704][ C1] RBP: dffffc0000000000 R08: ffffffff81aaca0d R09: ffffed100551bb29
[ 68.366578][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000020000000
[ 68.375121][ C1] R13: 0000000000000008 R14: 0000000020000000 R15: ffffc90000dd07e8
[ 68.383467][ C1] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[ 68.392501][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 68.399112][ C1] CR2: 00007f521a7a3250 CR3: 000000000c88e000 CR4: 00000000003506e0
[ 68.407365][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 68.415356][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 68.423604][ C1] Call Trace:
[ 68.427169][ C1]
[ 68.430116][ C1] ? __warn+0x15b/0x300
[ 68.434549][ C1] ? copy_from_user_nofault+0x15c/0x1c0
[ 68.440115][ C1] ? report_bug+0x1b7/0x2e0
[ 68.444985][ C1] ? handle_bug+0x3d/0x70
[ 68.449421][ C1] ? exc_invalid_op+0x16/0x40
[ 68.454229][ C1] ? asm_exc_invalid_op+0x16/0x20
[ 68.459376][ C1] ? copy_from_user_nofault+0x6d/0x1c0
[ 68.465048][ C1] ? copy_from_user_nofault+0x15c/0x1c0
[ 68.470632][ C1] ? copy_from_user_nofault+0x15c/0x1c0
[ 68.476194][ C1] bpf_probe_read_compat+0xe4/0x180
[ 68.481605][ C1] bpf_prog_63d51858d7cca270+0x3d/0x22c
[ 68.487149][ C1] bpf_trace_run3+0x1d1/0x380
[ 68.492055][ C1] ? bpf_trace_run2+0x340/0x340
[ 68.497000][ C1] ? _raw_spin_unlock_irqrestore+0xd9/0x130
[ 68.503099][ C1] ? _raw_spin_lock_irqsave+0xdd/0x120
[ 68.509101][ C1] ? _raw_spin_lock+0x40/0x40
[ 68.513808][ C1] enqueue_timer+0x3ae/0x540
[ 68.519039][ C1] __mod_timer+0xa60/0xeb0
[ 68.524000][ C1] ? seqcount_lockdep_reader_access+0x1bd/0x220
[ 68.532189][ C1] ? mod_timer_pending+0x20/0x20
[ 68.537139][ C1] ? _raw_read_unlock_irqrestore+0xd9/0x130
[ 68.543147][ C1] ? _raw_read_unlock+0x40/0x40
[ 68.548261][ C1] ? _raw_spin_lock_irqsave+0xdd/0x120
[ 68.553815][ C1] ? _raw_spin_lock+0x40/0x40
[ 68.558582][ C1] ? ktime_get+0x242/0x270
[ 68.563026][ C1] dsp_cmx_send+0x21bb/0x2240
[ 68.567700][ C1] ? read_lock_is_recursive+0x10/0x10
[ 68.573080][ C1] ? detach_timer+0x24/0x2f0
[ 68.577755][ C1] call_timer_fn+0x16d/0x560
[ 68.582948][ C1] ? dsp_cmx_receive+0x1370/0x1370
[ 68.588182][ C1] ? __run_timers+0x890/0x890
[ 68.593001][ C1] ? do_raw_spin_unlock+0x137/0x8b0
[ 68.598649][ C1] ? _raw_spin_unlock_irq+0x1f/0x40
[ 68.603952][ C1] ? dsp_cmx_receive+0x1370/0x1370
[ 68.609085][ C1] ? lockdep_hardirqs_on+0x94/0x130
[ 68.614292][ C1] ? dsp_cmx_receive+0x1370/0x1370
[ 68.619574][ C1] __run_timers+0x67c/0x890
[ 68.624187][ C1] ? detach_timer+0x2f0/0x2f0
[ 68.628881][ C1] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 68.634871][ C1] ? ktime_get_real_ts64+0x460/0x460
[ 68.640251][ C1] run_timer_softirq+0x63/0xf0
[ 68.645200][ C1] handle_softirqs+0x3a7/0x930
[ 68.649965][ C1] ? __irq_exit_rcu+0x157/0x240
[ 68.655251][ C1] ? do_softirq+0x240/0x240
[ 68.659753][ C1] ? irqtime_account_irq+0xd0/0x1e0
[ 68.665077][ C1] __irq_exit_rcu+0x157/0x240
[ 68.669921][ C1] ? irq_exit_rcu+0x20/0x20
[ 68.674718][ C1] irq_exit_rcu+0x5/0x20
[ 68.678964][ C1] sysvec_apic_timer_interrupt+0xa0/0xc0
[ 68.684599][ C1]
[ 68.687524][ C1]
[ 68.690476][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 68.696453][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x4/0x60
[ 68.703138][ C1] Code: 00 00 00 0f 1f 00 53 48 89 fb e8 17 00 00 00 48 8b 3d 18 04 8a 0c 48 89 de 5b e9 47 11 49 00 cc cc cc cc cc cc cc 48 8b 04 24 <65> 48 8b 0d 24 ea 81 7e 65 8b 15 25 ea 81 7e 81 e2 00 01 ff 00 74
[ 68.723198][ C1] RSP: 0018:ffffc90002edf6e0 EFLAGS: 00000246
[ 68.729312][ C1] RAX: ffffffff81ac7915 RBX: ffff8880b8f35508 RCX: ffffffff96a92f03
[ 68.737284][ C1] RDX: ffff88802a8dd940 RSI: 0000000000000000 RDI: 0000000000000000
[ 68.745253][ C1] RBP: 0000000000000001 R08: ffffffff81ac78de R09: 0000000000000003
[ 68.753404][ C1] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffffea00003d3380
[ 68.761478][ C1] R13: dffffc0000000000 R14: ffff8880b8f354e0 R15: dffffc0000000000
[ 68.769468][ C1] ? local_lock_release+0x3e/0x170
[ 68.774583][ C1] ? local_lock_release+0x75/0x170
[ 68.779715][ C1] local_lock_release+0x75/0x170
[ 68.784752][ C1] mark_page_accessed+0xd2e/0x1330
[ 68.789966][ C1] unmap_page_range+0xe4f/0x2630
[ 68.795013][ C1] ? mmu_notifier_invalidate_range_end+0xf0/0xf0
[ 68.801448][ C1] ? __lock_acquire+0x1ff0/0x1ff0
[ 68.806606][ C1] ? uprobe_munmap+0x17a/0x400
[ 68.811484][ C1] ? unmap_single_vma+0x1a1/0x2d0
[ 68.816551][ C1] unmap_vmas+0x1f8/0x390
[ 68.820916][ C1] ? unmap_page_range+0x2630/0x2630
[ 68.826124][ C1] ? tlb_gather_mmu_fullmm+0x159/0x200
[ 68.831671][ C1] exit_mmap+0x3b6/0x620
[ 68.836092][ C1] ? vm_brk+0x20/0x20
[ 68.840886][ C1] ? uprobe_clear_state+0x304/0x460
[ 68.846111][ C1] __mmput+0x112/0x3b0
[ 68.850591][ C1] exit_mm+0x688/0x7f0
[ 68.855019][ C1] ? _raw_spin_unlock_irq+0x2a/0x40
[ 68.861244][ C1] ? do_exit+0x2480/0x2480
[ 68.866154][ C1] ? rcu_is_watching+0x11/0xa0
[ 68.871377][ C1] ? hrtimer_try_to_cancel+0x3c9/0x410
[ 68.877312][ C1] ? taskstats_exit+0x491/0xa10
[ 68.882200][ C1] ? tty_audit_exit+0x150/0x1f0
[ 68.887069][ C1] do_exit+0x626/0x2480
[ 68.891230][ C1] ? put_task_struct+0x80/0x80
[ 68.896003][ C1] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 68.902915][ C1] ? vtime_user_exit+0x2d1/0x400
[ 68.907875][ C1] do_group_exit+0x144/0x310
[ 68.912579][ C1] __x64_sys_exit_group+0x3b/0x40
[ 68.917716][ C1] do_syscall_64+0x3b/0xb0
[ 68.922473][ C1] ? clear_bhb_loop+0x15/0x70
[ 68.927963][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 68.933960][ C1] RIP: 0033:0x7f521a727de9
[ 68.938396][ C1] Code: Unable to access opcode bytes at RIP 0x7f521a727dbf.
[ 68.945888][ C1] RSP: 002b:00007ffee6dc6608 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 68.954341][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f521a727de9
[ 68.962988][ C1] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 68.971702][ C1] RBP: 00007f521a7a1370 R08: ffffffffffffffb8 R09: 0000000000000000
[ 68.980336][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f521a7a1370
[ 68.989097][ C1] R13: 0000000000000000 R14: 00007f521a7a2e40 R15: 00007f521a6f0ee0
[ 68.997272][ C1]
[ 69.000425][ C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 69.008279][ C1] CPU: 1 PID: 4172 Comm: syz-executor232 Not tainted 5.15.178-syzkaller #0
[ 69.018025][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 69.028503][ C1] Call Trace:
[ 69.032174][ C1]
[ 69.035391][ C1] dump_stack_lvl+0x1e3/0x2d0
[ 69.040178][ C1] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 69.046277][ C1] ? panic+0x860/0x860
[ 69.050679][ C1] ? copy_from_user_nofault+0x60/0x1c0
[ 69.056250][ C1] ? copy_from_user_nofault+0x60/0x1c0
[ 69.061722][ C1] panic+0x318/0x860
[ 69.065631][ C1] ? __warn+0x16a/0x300
[ 69.069992][ C1] ? fb_is_primary_device+0xd0/0xd0
[ 69.075216][ C1] ? copy_from_user_nofault+0x15c/0x1c0
[ 69.080803][ C1] __warn+0x2b2/0x300
[ 69.084828][ C1] ? copy_from_user_nofault+0x15c/0x1c0
[ 69.090581][ C1] report_bug+0x1b7/0x2e0
[ 69.094925][ C1] handle_bug+0x3d/0x70
[ 69.099088][ C1] exc_invalid_op+0x16/0x40
[ 69.103798][ C1] asm_exc_invalid_op+0x16/0x20
[ 69.108758][ C1] RIP: 0010:copy_from_user_nofault+0x15c/0x1c0
[ 69.116174][ C1] Code: db 48 c7 c0 f2 ff ff ff 48 0f 44 c5 eb 0c e8 ab ba d5 ff 48 c7 c0 f2 ff ff ff 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 94 ba d5 ff <0f> 0b e9 1e ff ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c ef fe ff
[ 69.136419][ C1] RSP: 0018:ffffc90000dd0770 EFLAGS: 00010046
[ 69.142514][ C1] RAX: ffffffff81aacafc RBX: 0000000000000000 RCX: ffff88802a8dd940
[ 69.150713][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[ 69.159454][ C1] RBP: dffffc0000000000 R08: ffffffff81aaca0d R09: ffffed100551bb29
[ 69.169127][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000020000000
[ 69.179926][ C1] R13: 0000000000000008 R14: 0000000020000000 R15: ffffc90000dd07e8
[ 69.189827][ C1] ? copy_from_user_nofault+0x6d/0x1c0
[ 69.196386][ C1] ? copy_from_user_nofault+0x15c/0x1c0
[ 69.203954][ C1] bpf_probe_read_compat+0xe4/0x180
[ 69.209285][ C1] bpf_prog_63d51858d7cca270+0x3d/0x22c
[ 69.214872][ C1] bpf_trace_run3+0x1d1/0x380
[ 69.220561][ C1] ? bpf_trace_run2+0x340/0x340
[ 69.225412][ C1] ? _raw_spin_unlock_irqrestore+0xd9/0x130
[ 69.231499][ C1] ? _raw_spin_lock_irqsave+0xdd/0x120
[ 69.237566][ C1] ? _raw_spin_lock+0x40/0x40
[ 69.243047][ C1] enqueue_timer+0x3ae/0x540
[ 69.247952][ C1] __mod_timer+0xa60/0xeb0
[ 69.252477][ C1] ? seqcount_lockdep_reader_access+0x1bd/0x220
[ 69.258756][ C1] ? mod_timer_pending+0x20/0x20
[ 69.263838][ C1] ? _raw_read_unlock_irqrestore+0xd9/0x130
[ 69.270121][ C1] ? _raw_read_unlock+0x40/0x40
[ 69.274991][ C1] ? _raw_spin_lock_irqsave+0xdd/0x120
[ 69.280993][ C1] ? _raw_spin_lock+0x40/0x40
[ 69.285793][ C1] ? ktime_get+0x242/0x270
[ 69.290217][ C1] dsp_cmx_send+0x21bb/0x2240
[ 69.294908][ C1] ? read_lock_is_recursive+0x10/0x10
[ 69.300810][ C1] ? detach_timer+0x24/0x2f0
[ 69.306095][ C1] call_timer_fn+0x16d/0x560
[ 69.310690][ C1] ? dsp_cmx_receive+0x1370/0x1370
[ 69.316005][ C1] ? __run_timers+0x890/0x890
[ 69.320781][ C1] ? do_raw_spin_unlock+0x137/0x8b0
[ 69.326360][ C1] ? _raw_spin_unlock_irq+0x1f/0x40
[ 69.331776][ C1] ? dsp_cmx_receive+0x1370/0x1370
[ 69.338052][ C1] ? lockdep_hardirqs_on+0x94/0x130
[ 69.343817][ C1] ? dsp_cmx_receive+0x1370/0x1370
[ 69.348963][ C1] __run_timers+0x67c/0x890
[ 69.354134][ C1] ? detach_timer+0x2f0/0x2f0
[ 69.359292][ C1] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 69.366077][ C1] ? ktime_get_real_ts64+0x460/0x460
[ 69.372448][ C1] run_timer_softirq+0x63/0xf0
[ 69.377509][ C1] handle_softirqs+0x3a7/0x930
[ 69.382462][ C1] ? __irq_exit_rcu+0x157/0x240
[ 69.387332][ C1] ? do_softirq+0x240/0x240
[ 69.391832][ C1] ? irqtime_account_irq+0xd0/0x1e0
[ 69.397116][ C1] __irq_exit_rcu+0x157/0x240
[ 69.402074][ C1] ? irq_exit_rcu+0x20/0x20
[ 69.407540][ C1] irq_exit_rcu+0x5/0x20
[ 69.412087][ C1] sysvec_apic_timer_interrupt+0xa0/0xc0
[ 69.417836][ C1]
[ 69.420975][ C1]
[ 69.423907][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 69.430085][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x4/0x60
[ 69.436263][ C1] Code: 00 00 00 0f 1f 00 53 48 89 fb e8 17 00 00 00 48 8b 3d 18 04 8a 0c 48 89 de 5b e9 47 11 49 00 cc cc cc cc cc cc cc 48 8b 04 24 <65> 48 8b 0d 24 ea 81 7e 65 8b 15 25 ea 81 7e 81 e2 00 01 ff 00 74
[ 69.456516][ C1] RSP: 0018:ffffc90002edf6e0 EFLAGS: 00000246
[ 69.463052][ C1] RAX: ffffffff81ac7915 RBX: ffff8880b8f35508 RCX: ffffffff96a92f03
[ 69.471581][ C1] RDX: ffff88802a8dd940 RSI: 0000000000000000 RDI: 0000000000000000
[ 69.479965][ C1] RBP: 0000000000000001 R08: ffffffff81ac78de R09: 0000000000000003
[ 69.488062][ C1] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffffea00003d3380
[ 69.496407][ C1] R13: dffffc0000000000 R14: ffff8880b8f354e0 R15: dffffc0000000000
[ 69.505559][ C1] ? local_lock_release+0x3e/0x170
[ 69.510983][ C1] ? local_lock_release+0x75/0x170
[ 69.516672][ C1] local_lock_release+0x75/0x170
[ 69.521633][ C1] mark_page_accessed+0xd2e/0x1330
[ 69.527189][ C1] unmap_page_range+0xe4f/0x2630
[ 69.533553][ C1] ? mmu_notifier_invalidate_range_end+0xf0/0xf0
[ 69.540184][ C1] ? __lock_acquire+0x1ff0/0x1ff0
[ 69.545934][ C1] ? uprobe_munmap+0x17a/0x400
[ 69.550849][ C1] ? unmap_single_vma+0x1a1/0x2d0
[ 69.556189][ C1] unmap_vmas+0x1f8/0x390
[ 69.560934][ C1] ? unmap_page_range+0x2630/0x2630
[ 69.566242][ C1] ? tlb_gather_mmu_fullmm+0x159/0x200
[ 69.571771][ C1] exit_mmap+0x3b6/0x620
[ 69.577290][ C1] ? vm_brk+0x20/0x20
[ 69.581855][ C1] ? uprobe_clear_state+0x304/0x460
[ 69.587100][ C1] __mmput+0x112/0x3b0
[ 69.591276][ C1] exit_mm+0x688/0x7f0
[ 69.596265][ C1] ? _raw_spin_unlock_irq+0x2a/0x40
[ 69.602454][ C1] ? do_exit+0x2480/0x2480
[ 69.608626][ C1] ? rcu_is_watching+0x11/0xa0
[ 69.613856][ C1] ? hrtimer_try_to_cancel+0x3c9/0x410
[ 69.621185][ C1] ? taskstats_exit+0x491/0xa10
[ 69.626231][ C1] ? tty_audit_exit+0x150/0x1f0
[ 69.631187][ C1] do_exit+0x626/0x2480
[ 69.635448][ C1] ? put_task_struct+0x80/0x80
[ 69.640229][ C1] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 69.647030][ C1] ? vtime_user_exit+0x2d1/0x400
[ 69.652174][ C1] do_group_exit+0x144/0x310
[ 69.658005][ C1] __x64_sys_exit_group+0x3b/0x40
[ 69.663602][ C1] do_syscall_64+0x3b/0xb0
[ 69.668035][ C1] ? clear_bhb_loop+0x15/0x70
[ 69.672731][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 69.678881][ C1] RIP: 0033:0x7f521a727de9
[ 69.684875][ C1] Code: Unable to access opcode bytes at RIP 0x7f521a727dbf.
[ 69.692900][ C1] RSP: 002b:00007ffee6dc6608 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 69.703876][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f521a727de9
[ 69.713354][ C1] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 69.724175][ C1] RBP: 00007f521a7a1370 R08: ffffffffffffffb8 R09: 0000000000000000
[ 69.732967][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f521a7a1370
[ 69.742926][ C1] R13: 0000000000000000 R14: 00007f521a7a2e40 R15: 00007f521a6f0ee0
[ 69.752228][ C1]
[ 69.756253][ C1] Kernel Offset: disabled
[ 69.761611][ C1] Rebooting in 86400 seconds..